Recovery settings help you configure the restore and recycle options on the objects in the domain that you wish to recover. Using the settings in this section, you can perform the following operations while recovering AD objects:
- Use default password
- Preserve object password
- Force replication
- Recover tombstone expired objects
Default passwords
This option allows you to set a default password when you restore deleted user accounts.
To enable this feature,
- Login to ADAudit Plus and navigate to AD Backup tab → Settings → Recovery Settings.
- Click Show Password option to view the default password for recycled user accounts.
- To change the default password, click the icon located in the Action column of the relevant domain, click [Change] and then type in the new password.
- Click Save to save the changes.
Preserve object password
Select this option if you want to retain a user's last set password in the AD. This helps in restoring the last set password along with the user account during restoration.
To enable this feature,
- Login to ADAudit Plus and navigate to AD Backup tab → Settings → Recovery Settings.
- Click the icon located in the Action column of the relevant domain and mark the checkbox against Preserve Object Password.
- Click Save.
Note: ADAudit Plus does not store users passwords. When this option is selected, ADAudit Plus modifies the AD schema to instruct AD to retain the Unicode-pwdattribute when a user is deleted. When deleted users are restored, the Unicode-pwd attribute is also restored along with the other attributes of the user, thereby restoring the users’ last set password.
Force replication
Enabling this setting will immediately replicate any Restore/Rollback changes to all other domain controllers in the domain.
To enable force replication,
- Login to ADAudit Plus and navigate to AD Backup tab → Settings → Recovery Settings.
- Click the icon located in the Action column of the relevant domain and mark the checkbox against Force Replication.
- Save the changes.
Recover tombstone lifetime expired objects
To enable recovery of tombstone lifetime expired objects,
- Login to ADAudit Plus and navigate to AD Backup tab → Settings → Recovery Settings.
- Click the icon located in the Action column of the relevant domain and mark the checkbox against Recover Tombstone Expired Objects.
- Save the changes.